Friday June 26, 2026 10:30am - 11:15am CEST
People in your organization might have a living-breathing backdoor right now, and you don’t even know it.

EDR wouldn’t catch it - not because it employs a zero-day, but because it behaves harmlessly. It might be a malicious extension with excessive permissions that hasn’t been flagged yet, it might be an NPM package that reads .env files and sends them to a remote server, or it might be an Android application tracking your location.

During our research we detected two seemingly innocent Chrome extensions, with a total of 900,000+ users, that add a sidebar with AI capabilities over any website. These extensions had a backdoor that exfiltrated both your browser history and your ChatGPT & DeepSeek conversations - neither of them was flagged by anti-malware and EDR tools.

These extensions, like almost any add-on, NPM package, or application you have installed, have broad permissions, giving them the ability to execute code, read files, and basically do anything on your machine.

During our presentation we will show how we dissect a malicious Chrome extension, the techniques it uses to avoid detection, and how it reads and exfiltrates data. We’ll also show how actors think, from cloning legitimate extensions and adding their malicious code to bypassing store reviews in order to publish their malicious extensions in the official Chrome Web Store.

We will present how the permissions model works on different platforms, including the Chrome Web Store, the Android Play Store, and IDE marketplaces, and how it allows different malware on different platforms to perform malicious activities.

Lastly, we will give our insights on how to best protect your browser at home and in your organization, to help you reduce the chance of being infected by malware from official marketplaces. We’ll also discuss what a good permission model should look like, and what companies can do to return power over private information to users, in order to protect them from extensions and applications reading their data without their knowledge.
Speakers

Moshe Siman Tov Bustan

Security Research Team Leader, OX Security

Moshe is a Security Research Team Lead at OX Security, a company specializing in software supply chain security, and has worked in the security industry for 13 years. His work spans cloud security research, container security, memory forensics, and an in-depth understanding of programming...

Nir Zadok

OX Security

Nir Zadok is a rocket scientist who got a bit bored, so he moved to cybersecurity. Since then, as a Whitehat, he has managed to break dozens of mobile, web, and desktop applications. These days Nir is focused on software supply chain and innovative attack vector research via widely...
Hall G1 (Level -2)